Illustration demonstrating how bad actors commit synthetic identity fraud to create new profiles and open bank accounts

Synthetic identity fraud goes together with account opening fraud like peanut butter goes together with jelly or macaroni goes together with cheese. For fraudsters, these two crimes make the perfect match.

But synthetic identity theft isn’t the last stage in a fraudster’s journey. It’s the first step fraudsters must take to commit account opening fraud. From there, fraudsters can commit a host of other crimes, from bust-out fraud to money laundering. Here’s what banks and financial institutions need to know about synthetic identity fraud and account opening fraud and how financial institutions can protect themselves.

What is Synthetic Identity Fraud?

In synthetic identity fraud, fraudsters build a new identity for a fake person using a combination of real and fake information. Armed with their synthetic identity, fraudsters can open new bank accounts and use their fake personas to commit other crimes.

Synthetic identity fraud carries several significant costs for banks. This form of identity theft costs banks billions of dollars each year, according to the Federal Reserve Bank of Boston. But the damage often extends beyond financial losses. Banks also risk damaging reputations and trust among their customers if they can’t protect them from synthetic identity fraud. Finally, banks may also face heightened regulatory scrutiny if they allow synthetic identity fraud to run unchecked.

Infographic detailing 7 stages of synthetic identity fraud, including data breaches, fabricating physical documents, profit, and more.

Synthetic identity is not only limited to bank customers. Fraudsters can also use social media to create fake accounts of real people and use those accounts to push scams. Sometimes, the fraudster uses a celebrity’s identity to deceive people and even try romance scams. For example, a UK woman was tricked into believing she was dating singer George Ezra after she posted to his fan club online. But the account was fake and relied on multiple other fake accounts to attempt to scam the woman out of money.

How Fraudsters Commit Synthetic Identity Fraud

So how do fraudsters commit synthetic identity fraud? The process occurs over several stages.

  1. Fraudsters Obtain Sensitive Information: Bad actors obtain legitimate customers’ personal information through data breaches, phishing, social engineering, or purchasing information on the dark web. This information can include names, addresses, Social Security numbers, dates of birth, and more.
  2. Fraudsters Create Fake Physical Documentation: Once they have the real and fake personal information they need, they create fake physical identification documents (e.g., driver’s licenses and passports) to build legitimacy to their fake personas.
  3. Open New Bank Accounts: Fraudsters present fake identification documents to banks to open new accounts in the name of their synthetic identities. They will make small deposits and withdrawals to help build the synthetic identity’s credit history. This will improve the account’s credit score and enables fraudsters to access a bigger credit line.
  4. Request Loans/Credit Cards: When bank accounts are opened, fraudsters get to work applying for credit cards or loans in the fake persona’s name.
  5. Bust-Out Fraud: When loans and credit cards are approved, fraudsters max out their funds and disappear, leaving banks to absorb the cost of the outstanding debts.
  6. Money Laundering: Some fraudsters use their newly opened accounts to enable money laundering. Criminals may recruit money mules to transfer funds between different accounts and help them disappear.
  7. Profit: Fraudsters ultimately profit from their synthetic identity by using their ill-obtained funds to buy goods and services, invest in assets, or build a lavish lifestyle for themselves.

How Banks Can Protect Themselves from Synthetic ID Fraud

By now, it’s clear that synthetic identity fraud enables fraudsters to commit other serious crimes. What’s more, it’s easier than ever for bad actors to commit this type of fraud in the digital age. That’s because customers are more likely to open accounts digitally without meeting bank employees face-to-face. 

Banks need a more rigorous vetting process to block synthetic identity fraud attempts and halt fraudsters from abusing the account opening process. Here are a few steps banks can take to detect synthetic identity fraud before criminals can commit other crimes. 

Thoroughly verify all bank applicants’ identities 

Basic identity checks are insufficient in the digital banking age. Banks need to upgrade their identity verification process with advanced technology from the early stages of the customer’s relationship. This includes using biometric data like facial recognition or fingerprint scams and implementing multi-factor authentication. These measures can help banks understand if the customer is really who they claim to be at each stage of their journey – especially at the beginning. It is also important to understand if the financial institution is dealing with a real person.

Closely monitor account activity

Look for unusual behaviors in customer accounts that can be a red flag for more serious problems. For example, is someone accessing the account being from different locations? Or is someone opening multiple accounts using the same name? Banks should also monitor how the account is used in its early days. If the account only receives funds from other accounts instead of regular deposits from an employer, that’s a sign the account may be under a fraudster’s control.

Create alerts for suspicious changes in behavior

Banks should also create alerts for suspicious changes in the account holder’s typical patterns. If the account holder’s name suddenly changes or the transaction volume changes rapidly, that indicates suspicious activity. Creating alerts can help banks quickly detect this activity and respond appropriately.

Implement machine learning models

Finding suspicious transactions amid a trove of data is an impossible task. Banks need to invest in machine learning algorithms that can detect suspicious patterns that are very challenging to detect by the human eye. Machine learning algorithms can quickly analyze large volumes of data to pinpoint anomalies indicative of synthetic identity fraud or other suspicious activity.

Educate employees to spot synthetic identity fraud signs

Banks must train their staff on how to identify and report suspicious activities. This includes how to spot fake or altered physical documents. Train staff to identify suspicious banking behaviors and report fraud when they believe they have uncovered a disturbing pattern.

Over-communicate risks with customers

Banks must also ensure their customers know the risks of synthetic identity and account opening fraud.  As banks learn new information about how fraudsters are changing their typologies. If banks realize there is a fraud ring in their system or if a specific ATM has been connected to reports of fraud, they should alert their customers as early as possible. This includes putting notifications on the bank’s website or sending clients warnings using text messages or emails.

Synthetic identity fraud enables bad actors to build fake accounts. But the damage they cause is very real for both banks and customers alike. Taking these steps will help banks ensure they are dealing with real customers and will help cement a foundation of trust from the moment accounts are opened. In the meantime, never believe that a relationship with a celebrity that starts online is going to work out.